New Linux page (#491)

Co-Authored-By: Daniel Gray <dng@disroot.org>

_data/operating-systems/linux-desktop-immutable/1_fedora-silverblue.yml

@@ -0,0 +1,16 @@
+title: Fedora Silverblue (and Kinoite)
+type: Recommendation
+logo: /assets/img/linux-desktop/fedora-silverblue.svg
+description: |
+  **Fedora Silverblue** and **Fedora Kinoite** are immutable variants of Fedora with a strong focus on container workflows. Silverblue comes with the [GNOME](https://www.gnome.org/) desktop environment while Kinoite comes with [KDE](https://kde.org/). Silverblue and Kinoite follow the same release schedule as Fedora Workstation, benefiting from the same fast updates and staying very close to upstream.
+
+  Silverblue (and Kionite) differ from Fedora Workstation as they replace the [DNF](https://fedoraproject.org/wiki/DNF) package manager with a much more advanced alternative called [`rpm-ostree`](https://docs.fedoraproject.org/en-US/fedora/rawhide/system-administrators-guide/package-management/rpm-ostree/). The `rpm-ostree` package manager works by downloading a base image for the system, then overlaying packages over it in a [git](https://en.wikipedia.org/wiki/Git)-like commit tree. When the system is updated, a new base image is downloaded and the overlays will be applied to that new image.
+
+  After the update is complete the user will reboot the system into the new deployment. `rpm-ostree` keeps two deployments of the system so that a user can easily rollback if something breaks in the new deployment. There is also the option to pin more deployments as needed.
+
+  [Flatpak](https://www.flatpak.org) is the primary package installation method on these distrbutions, as `rpm-ostree` is only meant to overlay packages that cannot stay inside of a container on top of the base image.
+
+  As an alternative to Flatpaks, there is the option of [Toolbox](https://docs.fedoraproject.org/en-US/fedora-silverblue/toolbox/) to create [Podman](https://podman.io) containers with a shared home directory with the host operating system and mimic a traditional Fedora environment, which is a [useful feature](https://containertoolbx.org) for the discerning developer.
+
+website: 'https://silverblue.fedoraproject.org'
+privacy_policy: 'https://fedoraproject.org/wiki/Legal:PrivacyPolicy#:~:text=Fedora%20may%20share%20your%20personal,described%20in%20this%20Privacy%20Statement.'

_data/operating-systems/linux-desktop-immutable/2_nixos.yml

@@ -0,0 +1,17 @@
+title: NixOS
+type: Recommendation
+logo: /assets/img/linux-desktop/nixos.svg
+description: |
+  <strong>NixOS</strong> is an independent distribution based on the <a href="https://nixos.org">Nix package manager</a> with a focus on reproducibility and reliability.
+
+  NixOS's package manager keeps every version of every package in a different folder in the **Nix store**. Due to this you can have different versions of the same package installed on your system. After the package contents have been written to the folder, the folder is made read-only.
+
+  NixOS also provides atomic updates; first it downloads (or builds) the packages and files for the new system generation and then switches to it. There are different ways to switch to a new generation; you can tell NixOS to activate it after reboot or you can switch to it at runtime. You can also *test* the new generation by switching to it at runtime, but not setting it as the current system generation. If something in the update process breaks, you can just reboot and automatically and return to a working version of your system.
+
+  Nix the package manager uses a purely functional language - which is also called Nix - to define packages.
+
+  [Nixpkgs](https://github.com/nixos/nixpkgs) (the main source of packages) are contained in a single Github repository. You can also define your own packages in the same language and then easily include them in your config.
+
+  Nix is a source-based package manager; if there's no pre-built available in the binary cache, Nix will just build the package from source using its definition. It builds each package in a sandboxed *pure* environment, which is as independent of the host system as possible, thus making binaries reproducible.
+
+website: 'https://nixos.org'

_data/operating-systems/linux-desktop-tor/1_whonix.yml

@@ -0,0 +1,16 @@
+title: Whonix
+type: Recommendation
+logo: /assets/img/linux-desktop/whonix.svg
+description: |
+  **Whonix** is based on [Kicksecure](https://www.whonix.org/wiki/Kicksecure), a security-focused fork of Debian. It aims to provide privacy, security, and anonymity on the internet.
+
+  Whonix is meant to run as two virtual machines: a "Workstation" and a Tor "Gateway". All communications from the Workstation has to go through the Tor gateway, and will be routed through the Tor Network.
+
+  Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+
+  Future versions of Whonix will likely include [full system Apparmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
+
+  Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers).
+
+website: 'https://www.whonix.org/'
+website_tor: 'http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/'

_data/operating-systems/linux-desktop-tor/2_tails.yml

@@ -0,0 +1,11 @@
+title: Tails
+type: Recommendation
+logo: /assets/img/linux-desktop/tails.svg
+description: |
+  **Tails** is a live operating system based on Debian that routes all communications through Tor.
+
+  It can boot on almost any computer from a DVD, USB stick, or sdcard. It aims to preserve privacy and anonymity while circumventing censorship and leaving no trace of itself on the computer it is used on.
+
+  By design, Tails is meant to completely reset itself after each reboot. Encrypted [persistent storage](https://tails.boum.org/doc/first_steps/persistence/index.en.html) can be configured to store some data.
+
+website: 'https://tails.boum.org'

_data/operating-systems/linux-desktop/1_fedora-workstation.yml

@@ -0,0 +1,13 @@
+title: Fedora Workstation
+type: Recommendation
+logo: /assets/img/linux-desktop/fedora-workstation.svg
+labels: 'color==info::icon==fas fa-fw fa-trophy::text==Beginner friendly::tooltip==We highly recommend that new Linux users use Fedora Workstation.'
+description: |
+  **Fedora Workstation** is our recommended distribution for users new to Linux.
+
+  It has a semi-[rolling release](https://en.wikipedia.org/wiki/Rolling_release) cycle. While some packages like [GNOME](https://www.gnome.org) are frozen until the next Fedora release, most packages (including the kernel) are updated frequently throughout the lifespan of the release. Each Fedora release is supported for one year, with a new version released every 6 months.
+
+  Fedora generally adopts newer technologies before other distributions e.g., [Wayland](https://wayland.freedesktop.org/), [PipeWire](https://pipewire.org), and soon, [FS-Verity](https://fedoraproject.org/wiki/Changes/FsVerityRPM). These new technologies often come with improvements in security, privacy, and usability in general.
+
+website: 'https://getfedora.org'
+privacy_policy: 'https://fedoraproject.org/wiki/Legal:PrivacyPolicy#Sharing_Your_Personal_Data'

_data/operating-systems/linux-desktop/2_opensuse-tumbleweed.yml

@@ -0,0 +1,11 @@
+title: openSUSE Tumbleweed
+type: Recommendation
+logo: /assets/img/linux-desktop/opensuse-tumbleweed.svg
+description: |
+  **openSUSE Tumbleweed** is a stable [rolling release](https://en.wikipedia.org/wiki/Rolling_release) distribution.
+
+  Tumbleweed follows a rolling release model where each update is released as a snapshot of the distribution. When the user upgrades their system, a new snapshot is downloaded. Each snapshot is run through a series of automated tests by the [openSUSE Build Service](https://build.opensuse.org) to ensure its quality.
+
+  openSUSE Tumbleweed has a [transactional update](https://kubic.opensuse.org/blog/2018-04-04-transactionalupdates/) system that uses [Btrfs](https://en.wikipedia.org/wiki/Btrfs) and [Snapper](https://en.opensuse.org/openSUSE:Snapper_Tutorial) to ensure that snapshots can be rolled back should there be a problem.
+
+website: 'https://get.opensuse.org/tumbleweed/'

_data/operating-systems/linux-desktop/3_archlinux.yml

@@ -0,0 +1,14 @@
+title: Arch Linux
+type: Recommendation
+logo: /assets/img/linux-desktop/archlinux.svg
+description: |
+  **Arch Linux** is a lightweight, do-it-yourself (DIY) distribution meaning that you only get what you install. For more information see their [FAQ](https://wiki.archlinux.org/title/Frequently_asked_questions).
+
+  Arch Linux has a rolling release cycle. There is no fixed release schedule and packages are updated very frequently.
+
+  Being a DIY distribution, the user is expected to setup and maintain their system. Since September 2020, Arch has an [official installer](https://wiki.archlinux.org/title/Archinstall) to make the installation process a little easier.
+
+  A large portion of [Arch Linux's packages](https://reproducible.archlinux.org) are [reproducible](https://reproducible-builds.org").
+
+website: 'https://archlinux.org'
+privacy_policy: 'https://wiki.archlinux.org/index.php/ArchWiki:Privacy_policy'

_data/operating-systems/qubes/1_qubes.yml

@@ -0,0 +1,11 @@
+title: Qubes OS
+type: Recommendation
+logo: /assets/img/qubes/qubes_os.svg
+description: |
+  **Qubes** is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.
+website: 'https://www.qubes-os.org/'
+website_tor: 'http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/'
+privacy_policy: 'https://www.qubes-os.org/privacy/'
+downloads:
+  - icon: fab fa-github
+    url: 'https://github.com/QubesOS'

_data/operating-systems/router/1_openwrt.yml

@@ -0,0 +1,14 @@
+title: OpenWrt
+type: Recommendation
+logo: /assets/img/router/openwrt.svg
+logo_dark: /assets/img/router/openwrt-dark.svg
+description: |
+  **OpenWrt** is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc, and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers.
+
+  ## Notes
+  Consult the [Table of Hardware](https://openwrt.org/toh/start) to check if your device is supported.
+
+website: 'https://openwrt.org'
+downloads:
+  - icon: fab fa-git
+    url: 'https://git.openwrt.org/'

_data/operating-systems/router/2_pfsense.yml

@@ -0,0 +1,11 @@
+title: pfSense
+type: Recommendation
+logo: /assets/img/router/pfsense.svg
+logo_dark: /assets/img/router/pfsense-dark.svg
+description: |
+  pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and VPN endpoint.
+website: 'https://www.pfsense.org'
+privacy_policy: 'https://www.pfsense.org/privacy.html'
+downloads:
+  - icon: fab fa-github
+    url: 'https://github.com/pfsense'